diff options
| author | Filipa Lacerda <filipa@gitlab.com> | 2017-06-08 22:49:14 +0100 |
|---|---|---|
| committer | Filipa Lacerda <filipa@gitlab.com> | 2017-06-08 22:49:14 +0100 |
| commit | 08aff6fb92e8e59d6a818342201ecbbeee19dbe0 (patch) | |
| tree | 1330be3b351e6d7b1375659f8e32113c8979fb55 /app/assets/javascripts/notes.js | |
| parent | 081f48fb0641758acc524d9e171784a9a6923b5a (diff) | |
| parent | edd8d91194ce79cb5d77973c40436b98eb4d97fc (diff) | |
| download | gitlab-ce-33466-jobs-navigation-menu.tar.gz | |
Merge branch 'master' into 33466-jobs-navigation-menu33466-jobs-navigation-menu
* master:
Clarify API V5 being a compatability layer on top of GraphQL
Update per discussion
Use RequestStore on MR show.json query count spec
Merge branch '25934-project-snippet-vis' into 'security-9-2'
Merge branch 'dz-api-x-frame' into 'security-9-2'
Merge branch 'dz-restrict-autocomplete' into 'security-9-1'
Merge branch 'cherry-pick-dc2ac993' into 'security-9-2'
Update rename_system_namespace_spec to new validations.
Make the uploader use the updated folder
Bring in security changes from the 9.2.5 release
Bring in security changes from the 9.2.5 release
GitLab GEO also does not support mysql replication
Diffstat (limited to 'app/assets/javascripts/notes.js')
| -rw-r--r-- | app/assets/javascripts/notes.js | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/assets/javascripts/notes.js b/app/assets/javascripts/notes.js index 929965de5c1..b0143b12cfe 100644 --- a/app/assets/javascripts/notes.js +++ b/app/assets/javascripts/notes.js @@ -1478,7 +1478,7 @@ const normalizeNewlines = function(str) { const cachedNoteBodyText = $noteBodyText.html(); // Show updated comment content temporarily - $noteBodyText.html(formContent); + $noteBodyText.html(_.escape(formContent)); $editingNote.removeClass('is-editing fade-in-full').addClass('being-posted fade-in-half'); $editingNote.find('.note-headline-meta a').html('<i class="fa fa-spinner fa-spin" aria-label="Comment is being updated" aria-hidden="true"></i>'); @@ -1491,7 +1491,7 @@ const normalizeNewlines = function(str) { }) .fail(() => { // Submission failed, revert back to original note - $noteBodyText.html(cachedNoteBodyText); + $noteBodyText.html(_.escape(cachedNoteBodyText)); $editingNote.removeClass('being-posted fade-in'); $editingNote.find('.fa.fa-spinner').remove(); |